[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Tue May 12 14:25:06 UTC 2015
The branch master has been updated
via 9a555706a3fb8f6622e1049ab510a12f4e1bc6a2 (commit)
from 253617806da0aeb0cea1fedf6136460fb4993eae (commit)
- Log -----------------------------------------------------------------
commit 9a555706a3fb8f6622e1049ab510a12f4e1bc6a2
Author: Rich Salz <rsalz at akamai.com>
Date: Fri May 8 12:05:36 2015 -0400
Make COMP_CTX and COMP_METHOD opaque
Since COMP_METHOD is now defined in comp_lcl.h, it is no
longer possible to create new TLS compression methods without
using the OpenSSL source. Only ZLIB is supported by default.
Also, since the types are opaque, #ifdef guards to use "char *"
instead of the real type aren't necessary.
The changes are actually minor. Adding missing copyright to some
files makes the diff misleadingly big.
Reviewed-by: Matt Caswell <matt at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/comp/Makefile | 4 +-
crypto/comp/c_zlib.c | 57 +++++++++++++++++++-
apps/timeouts.h => crypto/comp/comp_lcl.h | 33 +++++++-----
crypto/comp/comp_lib.c | 81 ++++++++++++++++++++++++++--
include/openssl/comp.h | 88 +++++++++++++++++++++----------
include/openssl/ossl_typ.h | 5 +-
include/openssl/ssl.h | 15 +-----
ssl/ssl_ciph.c | 46 ++++++++--------
ssl/ssl_lib.c | 29 ++++------
ssl/ssl_locl.h | 19 +------
ssl/ssl_txt.c | 5 +-
test/ssltest.c | 5 +-
util/libeay.num | 4 ++
util/ssleay.num | 20 +++----
14 files changed, 273 insertions(+), 138 deletions(-)
copy apps/timeouts.h => crypto/comp/comp_lcl.h (76%)
diff --git a/crypto/comp/Makefile b/crypto/comp/Makefile
index 1a180f4..7884f99 100644
--- a/crypto/comp/Makefile
+++ b/crypto/comp/Makefile
@@ -68,7 +68,7 @@ c_zlib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
c_zlib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-c_zlib.o: ../../include/openssl/symhacks.h c_zlib.c
+c_zlib.o: ../../include/openssl/symhacks.h c_zlib.c comp_lcl.h
comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h
comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
@@ -82,4 +82,4 @@ comp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
comp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c
+comp_lib.o: ../../include/openssl/symhacks.h comp_lcl.h comp_lib.c
diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
index 2d5b54f..83773a1 100644
--- a/crypto/comp/c_zlib.c
+++ b/crypto/comp/c_zlib.c
@@ -1,9 +1,64 @@
+/* ====================================================================
+ * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/objects.h>
#include <openssl/comp.h>
#include <openssl/err.h>
+#include "comp_lcl.h"
COMP_METHOD *COMP_zlib(void);
@@ -14,8 +69,6 @@ static COMP_METHOD zlib_method_nozlib = {
NULL,
NULL,
NULL,
- NULL,
- NULL,
};
#ifndef ZLIB
diff --git a/apps/timeouts.h b/crypto/comp/comp_lcl.h
similarity index 76%
copy from apps/timeouts.h
copy to crypto/comp/comp_lcl.h
index f423010..f1ec8d5 100644
--- a/apps/timeouts.h
+++ b/crypto/comp/comp_lcl.h
@@ -1,10 +1,5 @@
-/* apps/timeouts.h */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra at cs.stanford.edu) for the OpenSSL project 2005.
- */
/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2017 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -54,14 +49,26 @@
* This product includes cryptographic software written by Eric Young
* (eay at cryptsoft.com). This product includes software written by Tim
* Hudson (tjh at cryptsoft.com).
- *
*/
-#ifndef INCLUDED_TIMEOUTS_H
-# define INCLUDED_TIMEOUTS_H
-/* numbers in us */
-# define DGRAM_RCV_TIMEOUT 250000
-# define DGRAM_SND_TIMEOUT 250000
+struct comp_method_st {
+ int type; /* NID for compression library */
+ const char *name; /* A text string to identify the library */
+ int (*init) (COMP_CTX *ctx);
+ void (*finish) (COMP_CTX *ctx);
+ int (*compress) (COMP_CTX *ctx,
+ unsigned char *out, unsigned int olen,
+ unsigned char *in, unsigned int ilen);
+ int (*expand) (COMP_CTX *ctx,
+ unsigned char *out, unsigned int olen,
+ unsigned char *in, unsigned int ilen);
+};
-#endif /* ! INCLUDED_TIMEOUTS_H */
+struct comp_ctx_st {
+ struct comp_method_st *meth;
+ unsigned long compress_in;
+ unsigned long compress_out;
+ unsigned long expand_in;
+ unsigned long expand_out;
+};
diff --git a/crypto/comp/comp_lib.c b/crypto/comp/comp_lib.c
index 42d9936..aa82376 100644
--- a/crypto/comp/comp_lib.c
+++ b/crypto/comp/comp_lib.c
@@ -1,17 +1,70 @@
+/* ====================================================================
+ * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/objects.h>
#include <openssl/comp.h>
+#include "comp_lcl.h"
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
{
COMP_CTX *ret;
- if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
- /* ZZZZZZZZZZZZZZZZ */
+ if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL)
return (NULL);
- }
memset(ret, 0, sizeof(*ret));
ret->meth = meth;
if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
@@ -21,6 +74,21 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
return (ret);
}
+const COMP_METHOD *COMP_CTX_get_method(const COMP_CTX *ctx)
+{
+ return ctx->meth;
+}
+
+int COMP_get_type(const COMP_METHOD *meth)
+{
+ return meth->type;
+}
+
+const char *COMP_get_name(const COMP_METHOD *meth)
+{
+ return meth->name;
+}
+
void COMP_CTX_free(COMP_CTX *ctx)
{
if (ctx == NULL)
@@ -37,7 +105,6 @@ int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
{
int ret;
if (ctx->meth->compress == NULL) {
- /* ZZZZZZZZZZZZZZZZZ */
return (-1);
}
ret = ctx->meth->compress(ctx, out, olen, in, ilen);
@@ -54,7 +121,6 @@ int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
int ret;
if (ctx->meth->expand == NULL) {
- /* ZZZZZZZZZZZZZZZZZ */
return (-1);
}
ret = ctx->meth->expand(ctx, out, olen, in, ilen);
@@ -64,3 +130,8 @@ int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
}
return (ret);
}
+
+int COMP_CTX_get_type(const COMP_CTX* comp)
+{
+ return comp->meth ? comp->meth->type : NID_undef;
+}
diff --git a/include/openssl/comp.h b/include/openssl/comp.h
index 6799b0f..c7d903f 100644
--- a/include/openssl/comp.h
+++ b/include/openssl/comp.h
@@ -1,3 +1,57 @@
+/* ====================================================================
+ * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
#ifndef HEADER_COMP_H
# define HEADER_COMP_H
@@ -8,41 +62,19 @@
extern "C" {
#endif
-typedef struct comp_ctx_st COMP_CTX;
-
-typedef struct comp_method_st {
- int type; /* NID for compression library */
- const char *name; /* A text string to identify the library */
- int (*init) (COMP_CTX *ctx);
- void (*finish) (COMP_CTX *ctx);
- int (*compress) (COMP_CTX *ctx,
- unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- int (*expand) (COMP_CTX *ctx,
- unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- /*
- * The following two do NOTHING, but are kept for backward compatibility
- */
- long (*ctrl) (void);
- long (*callback_ctrl) (void);
-} COMP_METHOD;
-
-struct comp_ctx_st {
- COMP_METHOD *meth;
- unsigned long compress_in;
- unsigned long compress_out;
- unsigned long expand_in;
- unsigned long expand_out;
- CRYPTO_EX_DATA ex_data;
-};
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
+const COMP_METHOD *COMP_CTX_get_method(const COMP_CTX *ctx);
+int COMP_CTX_get_type(const COMP_CTX* comp);
+int COMP_get_type(const COMP_METHOD *meth);
+const char *COMP_get_name(const COMP_METHOD *meth);
void COMP_CTX_free(COMP_CTX *ctx);
+
int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
unsigned char *in, int ilen);
int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
unsigned char *in, int ilen);
+
COMP_METHOD *COMP_zlib(void);
void COMP_zlib_cleanup(void);
diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h
index b32ce66..e4e3270 100644
--- a/include/openssl/ossl_typ.h
+++ b/include/openssl/ossl_typ.h
@@ -1,5 +1,5 @@
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -176,6 +176,9 @@ typedef struct engine_st ENGINE;
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
+typedef struct comp_ctx_st COMP_CTX;
+typedef struct comp_method_st COMP_METHOD;
+
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 43c6801..e8c2e6c 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -145,9 +145,7 @@
# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_COMP
-# include <openssl/comp.h>
-# endif
+# include <openssl/comp.h>
# include <openssl/bio.h>
# ifdef OPENSSL_USE_DEPRECATED
# include <openssl/x509.h>
@@ -703,9 +701,6 @@ __owur int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
unsigned int *id_len);
-typedef struct ssl_comp_st SSL_COMP;
-
-
# define SSL_SESS_CACHE_OFF 0x0000
# define SSL_SESS_CACHE_CLIENT 0x0001
# define SSL_SESS_CACHE_SERVER 0x0002
@@ -1774,7 +1769,6 @@ void SSL_set_tmp_ecdh_callback(SSL *ssl,
int keylength));
# endif
-# ifndef OPENSSL_NO_COMP
__owur const COMP_METHOD *SSL_get_current_compression(SSL *s);
__owur const COMP_METHOD *SSL_get_current_expansion(SSL *s);
__owur const char *SSL_COMP_get_name(const COMP_METHOD *comp);
@@ -1783,13 +1777,6 @@ __owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
*meths);
void SSL_COMP_free_compression_methods(void);
__owur int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
-# else
-__owur const void *SSL_get_current_compression(SSL *s);
-__owur const void *SSL_get_current_expansion(SSL *s);
-__owur const char *SSL_COMP_get_name(const void *comp);
-void *SSL_COMP_get_compression_methods(void);
-__owur int SSL_COMP_add_compression_method(int id, void *cm);
-# endif
const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *c);
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index ed274e0..ddedf5c 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -495,22 +495,20 @@ static void load_builtin_compressions(void)
if (ssl_comp_methods == NULL) {
SSL_COMP *comp = NULL;
+ COMP_METHOD *method = COMP_zlib();
MemCheck_off();
ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
- if (ssl_comp_methods != NULL) {
+ if (COMP_get_type(method) != NID_undef
+ && ssl_comp_methods != NULL) {
comp = OPENSSL_malloc(sizeof(*comp));
if (comp != NULL) {
- comp->method = COMP_zlib();
- if (comp->method && comp->method->type == NID_undef)
- OPENSSL_free(comp);
- else {
- comp->id = SSL_COMP_ZLIB_IDX;
- comp->name = comp->method->name;
- sk_SSL_COMP_push(ssl_comp_methods, comp);
- }
+ comp->method = method;
+ comp->id = SSL_COMP_ZLIB_IDX;
+ comp->name = COMP_get_name(method);
+ sk_SSL_COMP_push(ssl_comp_methods, comp);
+ sk_SSL_COMP_sort(ssl_comp_methods);
}
- sk_SSL_COMP_sort(ssl_comp_methods);
}
MemCheck_on();
}
@@ -1870,20 +1868,23 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
}
#ifdef OPENSSL_NO_COMP
-void *SSL_COMP_get_compression_methods(void)
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
{
return NULL;
}
-
-int SSL_COMP_add_compression_method(int id, void *cm)
+STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
+ *meths)
{
- return 1;
+ return meths;
}
-
-const char *SSL_COMP_get_name(const void *comp)
+void SSL_COMP_free_compression_methods(void)
{
- return NULL;
}
+int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
+{
+ return 1;
+}
+
#else
STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
{
@@ -1915,7 +1916,7 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
{
SSL_COMP *comp;
- if (cm == NULL || cm->type == NID_undef)
+ if (cm == NULL || COMP_get_type(cm) == NID_undef)
return 1;
/*-
@@ -1960,14 +1961,17 @@ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
return (0);
}
}
+#endif
const char *SSL_COMP_get_name(const COMP_METHOD *comp)
{
- if (comp)
- return comp->name;
+#ifndef OPENSSL_NO_COMP
+ return comp ? COMP_get_name(comp) : NULL;
+#else
return NULL;
-}
#endif
+}
+
/* For a cipher return the index corresponding to the certificate type */
int ssl_cipher_get_cert_index(const SSL_CIPHER *c)
{
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 8f74ef1..441c6fa 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2882,32 +2882,23 @@ const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
return (NULL);
}
-#ifdef OPENSSL_NO_COMP
-const void *SSL_get_current_compression(SSL *s)
-{
- return NULL;
-}
-
-const void *SSL_get_current_expansion(SSL *s)
-{
- return NULL;
-}
-#else
-
const COMP_METHOD *SSL_get_current_compression(SSL *s)
{
- if (s->compress != NULL)
- return (s->compress->meth);
- return (NULL);
+#ifndef OPENSSL_NO_COMP
+ return s->compress ? COMP_CTX_get_method(s->compress) : NULL;
+#else
+ return NULL;
+#endif
}
const COMP_METHOD *SSL_get_current_expansion(SSL *s)
{
- if (s->expand != NULL)
- return (s->expand->meth);
- return (NULL);
-}
+#ifndef OPENSSL_NO_COMP
+ return s->expand ? COMP_CTX_get_method(s->expand) : NULL;
+#else
+ return NULL;
#endif
+}
int ssl_init_wbio_buffer(SSL *s, int push)
{
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 9ae1a07..64feb84 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -705,15 +705,12 @@ typedef struct srp_ctx_st {
# endif
+typedef struct ssl_comp_st SSL_COMP;
struct ssl_comp_st {
int id;
const char *name;
-# ifndef OPENSSL_NO_COMP
COMP_METHOD *method;
-# else
- char *method;
-# endif
};
DECLARE_STACK_OF(SSL_COMP)
@@ -1045,18 +1042,10 @@ struct ssl_st {
int mac_flags;
EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
EVP_MD_CTX *read_hash; /* used for mac generation */
-# ifndef OPENSSL_NO_COMP
+ COMP_CTX *compress; /* compression */
COMP_CTX *expand; /* uncompress */
-# else
- char *expand;
-# endif
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
EVP_MD_CTX *write_hash; /* used for mac generation */
-# ifndef OPENSSL_NO_COMP
- COMP_CTX *compress; /* compression */
-# else
- char *compress;
-# endif
/* session info */
/* client cert? */
/* This is used to hold the server certificate used */
@@ -1357,11 +1346,7 @@ typedef struct ssl3_state_st {
struct dtls1_retransmit_state {
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
EVP_MD_CTX *write_hash; /* used for mac generation */
-# ifndef OPENSSL_NO_COMP
COMP_CTX *compress; /* compression */
-# else
- char *compress;
-# endif
SSL_SESSION *session;
unsigned short epoch;
};
diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
index 9277d2c..918e75e 100644
--- a/ssl/ssl_txt.c
+++ b/ssl/ssl_txt.c
@@ -221,9 +221,8 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
0)
goto err;
} else {
- if (BIO_printf
- (bp, "\n Compression: %d (%s)", comp->id,
- comp->method->name) <= 0)
+ if (BIO_printf(bp, "\n Compression: %d (%s)", comp->id,
+ comp->name) <= 0)
goto err;
}
}
diff --git a/test/ssltest.c b/test/ssltest.c
index 39f1d80..e531b32 100644
--- a/test/ssltest.c
+++ b/test/ssltest.c
@@ -995,7 +995,7 @@ int main(int argc, char *argv[])
int print_time = 0;
clock_t s_time = 0, c_time = 0;
#ifndef OPENSSL_NO_COMP
- int comp = 0;
+ int n, comp = 0;
COMP_METHOD *cm = NULL;
STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
#endif
@@ -1004,7 +1004,6 @@ int main(int argc, char *argv[])
int fips_mode = 0;
#endif
int no_protocol = 0;
- int n;
SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
STACK_OF(OPENSSL_STRING) *conf_args = NULL;
@@ -1373,7 +1372,7 @@ int main(int argc, char *argv[])
if (comp == COMP_ZLIB)
cm = COMP_zlib();
if (cm != NULL) {
- if (cm->type != NID_undef) {
+ if (COMP_get_type(cm) != NID_undef) {
if (SSL_COMP_add_compression_method(comp, cm) != 0) {
fprintf(stderr, "Failed to add compression method\n");
ERR_print_errors_fp(stderr);
diff --git a/util/libeay.num b/util/libeay.num
index d1b0303..b3dcd5d 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4557,3 +4557,7 @@ ASN1_TYPE_pack_sequence 4915 EXIST::FUNCTION:
ASN1_TYPE_unpack_sequence 4916 EXIST::FUNCTION:
CRYPTO_clean_free 4917 NOEXIST::FUNCTION:
CRYPTO_clear_free 4918 EXIST::FUNCTION:
+COMP_CTX_get_method 4919 EXIST::FUNCTION:
+COMP_CTX_get_type 4920 EXIST::FUNCTION:
+COMP_get_name 4921 EXIST::FUNCTION:
+COMP_get_type 4922 EXIST::FUNCTION:
diff --git a/util/ssleay.num b/util/ssleay.num
index ee82ef2..ab89e91 100755
--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -164,7 +164,7 @@ SSL_CTX_get_cert_store 180 EXIST::FUNCTION:
SSL_CTX_set_cert_store 181 EXIST::FUNCTION:
SSL_want 182 EXIST::FUNCTION:
SSL_library_init 183 EXIST::FUNCTION:
-SSL_COMP_add_compression_method 184 EXIST::FUNCTION:COMP
+SSL_COMP_add_compression_method 184 EXIST::FUNCTION:
SSL_add_file_cert_subjects_to_stack 185 EXIST:!VMS:FUNCTION:STDIO
SSL_add_file_cert_subjs_to_stk 185 EXIST:VMS:FUNCTION:STDIO
SSL_set_tmp_rsa_callback 186 EXIST::FUNCTION:RSA
@@ -219,13 +219,13 @@ SSL_set_msg_callback 267 EXIST::FUNCTION:
DTLSv1_client_method 268 EXIST::FUNCTION:
SSL_CTX_set_tmp_ecdh_callback 269 EXIST::FUNCTION:EC
SSL_set_tmp_ecdh_callback 270 EXIST::FUNCTION:EC
-SSL_COMP_get_name 271 EXIST::FUNCTION:COMP
-SSL_get_current_compression 272 EXIST::FUNCTION:COMP
+SSL_COMP_get_name 271 EXIST::FUNCTION:
+SSL_get_current_compression 272 EXIST::FUNCTION:
DTLSv1_method 273 EXIST::FUNCTION:
-SSL_get_current_expansion 274 EXIST::FUNCTION:COMP
+SSL_get_current_expansion 274 EXIST::FUNCTION:
DTLSv1_server_method 275 EXIST::FUNCTION:
-SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:COMP
-SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:COMP
+SSL_COMP_get_compression_methods 276 EXIST:!VMS:FUNCTION:
+SSL_COMP_get_compress_methods 276 EXIST:VMS:FUNCTION:
SSL_SESSION_get_id 277 EXIST::FUNCTION:
SSL_CTX_sess_set_new_cb 278 EXIST::FUNCTION:
SSL_CTX_sess_get_get_cb 279 EXIST::FUNCTION:
@@ -333,8 +333,8 @@ SSL_CTX_set_srv_supp_data 371 NOEXIST::FUNCTION:
SSL_CONF_cmd_argv 372 EXIST::FUNCTION:
DTLSv1_2_server_method 373 EXIST::FUNCTION:
SSL_COMP_set0_compress_methods 374 NOEXIST::FUNCTION:
-SSL_COMP_set0_compression_methods 374 EXIST:!VMS:FUNCTION:COMP
-SSL_COMP_set0_compr_methods 374 EXIST:VMS:FUNCTION:COMP
+SSL_COMP_set0_compression_methods 374 EXIST:!VMS:FUNCTION:
+SSL_COMP_set0_compr_methods 374 EXIST:VMS:FUNCTION:
SSL_CTX_set_cert_cb 375 EXIST::FUNCTION:
SSL_CTX_add_client_custom_ext 376 EXIST::FUNCTION:TLSEXT
SSL_is_server 377 EXIST::FUNCTION:
@@ -367,8 +367,8 @@ DTLSv1_2_method 404 EXIST::FUNCTION:
DTLS_server_method 405 EXIST::FUNCTION:
SSL_CTX_use_serverinfo_file 406 EXIST::FUNCTION:STDIO,TLSEXT
SSL_COMP_free_compress_methods 407 NOEXIST::FUNCTION:
-SSL_COMP_free_compression_methods 407 EXIST:!VMS:FUNCTION:COMP
-SSL_COMP_free_compr_methods 407 EXIST:VMS:FUNCTION:COMP
+SSL_COMP_free_compression_methods 407 EXIST:!VMS:FUNCTION:
+SSL_COMP_free_compr_methods 407 EXIST:VMS:FUNCTION:
SSL_extension_supported 409 EXIST::FUNCTION:TLSEXT
SSL_CTX_get_security_callback 410 EXIST::FUNCTION:
SSL_SESSION_print_keylog 411 EXIST::FUNCTION:
More information about the openssl-commits
mailing list